Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SMrIzAsJ_G02lm_ApPyXeaqEmhw.roa
File: SMrIzAsJ_G02lm_ApPyXeaqEmhw.roa (raw, json)
Hash identifier: yldCLbCGHqmSBTn0TKlkUz+QyFZ/AdwlJJswErc1y30=
Subject key identifier: 48:CA:C8:CC:0B:09:FC:6D:36:96:6F:C0:A4:FC:97:79:AA:84:9A:1C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6622BCBFCA8FC2D2ED4B7FD3261A9B0E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SMrIzAsJ_G02lm_ApPyXeaqEmhw.roa
Signing time: Tue 05 Sep 2023 16:17:47 +0000
ROA not before: Tue 05 Sep 2023 16:17:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:22:bc:bf:ca:8f:c2:d2:ed:4b:7f:d3:26:1a:9b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 16:17:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48cac8cc0b09fc6d36966fc0a4fc9779aa849a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:17:3b:1b:2c:ee:92:54:0f:86:c5:d1:a6:
ee:12:3b:ba:58:79:03:59:93:db:14:f5:c0:6b:bc:
2c:3c:53:6f:07:40:14:45:7c:7c:01:fc:b6:1b:16:
8b:5e:69:a1:de:20:ce:1c:63:fa:03:ea:b9:9e:cb:
f6:85:b3:64:27:99:0e:2a:f5:16:f2:c0:80:b2:48:
ca:dd:9e:cb:bd:48:27:9d:3f:c2:48:b9:fc:4c:61:
cf:84:7b:9f:e1:b3:cf:e5:d7:ee:ae:a7:f8:14:2e:
a8:d3:ab:a0:ca:23:1d:ea:57:b5:cb:f7:77:38:d7:
aa:24:2c:90:f8:1e:17:6a:33:a0:5f:1a:da:ac:fc:
36:32:1e:ff:00:49:45:8a:31:52:49:fa:cb:91:26:
f5:e7:74:be:f8:81:42:3e:d3:65:de:67:27:5b:c6:
aa:37:76:b2:e5:88:91:da:3f:96:1f:d5:58:82:13:
99:49:87:aa:95:95:51:b8:f3:28:a9:19:76:db:e7:
6a:10:8b:f2:1d:e3:ef:2b:7e:3c:0e:66:56:13:a9:
bd:12:cb:0b:8a:87:9b:11:3b:63:6b:f5:a1:c5:1f:
7c:6e:37:a4:a2:5c:0b:44:db:5c:05:9a:7f:da:03:
ab:aa:b7:31:26:c2:83:44:06:ae:1e:0b:69:fd:5a:
b3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CA:C8:CC:0B:09:FC:6D:36:96:6F:C0:A4:FC:97:79:AA:84:9A:1C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SMrIzAsJ_G02lm_ApPyXeaqEmhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:5b:ea:98:bf:fb:b9:9f:f7:7e:7f:ec:09:a0:ad:4f:ec:d4:
e3:bc:04:fd:0d:2a:d1:46:fc:a2:57:9e:6a:0f:60:c8:cd:03:
b5:ca:00:48:78:54:03:6a:8d:cc:96:35:50:1e:ee:b8:7c:fc:
ac:c5:7c:44:9b:5a:d0:c3:62:77:f9:63:89:fe:95:31:1f:97:
66:94:aa:41:33:e5:ea:5a:ad:31:13:2c:da:fd:35:37:94:b0:
53:85:56:71:a4:d3:2f:51:e5:58:b0:3b:8e:43:fb:77:9e:07:
80:ca:7e:e9:ba:b6:cc:41:ae:36:61:c7:9f:59:cc:2f:40:2e:
ac:d2:56:a7:08:8c:01:00:73:c1:91:ca:06:83:35:3b:56:2c:
24:d5:44:a3:6b:0d:0e:6b:9a:2d:61:6f:e5:27:83:50:6f:92:
a4:c9:a7:ac:84:83:46:6a:d4:8b:86:17:c8:09:eb:14:8a:d1:
3a:46:87:7b:4f:e3:8e:f9:02:f5:e0:34:3b:0b:b8:7c:18:1f:
5f:87:05:bb:05:f9:80:c7:32:f1:91:59:16:7a:ac:30:0b:c3:
01:6f:80:ef:2f:74:fd:e5:92:f6:44:59:07:25:04:79:98:6c:
58:07:cc:56:d3:d6:db:d3:6f:71:c3:e3:07:84:5d:32:c1:d1:
20:04:4c:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpmIry/yo/C0u1Lf9MmGpsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTYxNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGNhYzhjYzBiMDlmYzZkMzY5NjZmYzBhNGZjOTc3OWFhODQ5YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVsXOxss7pJUD4bF0abuEju6WHkD
WZPbFPXAa7wsPFNvB0AURXx8Afy2GxaLXmmh3iDOHGP6A+q5nsv2hbNkJ5kOKvUW
8sCAskjK3Z7LvUgnnT/CSLn8TGHPhHuf4bPP5dfurqf4FC6o06ugyiMd6le1y/d3
ONeqJCyQ+B4XajOgXxrarPw2Mh7/AElFijFSSfrLkSb153S++IFCPtNl3mcnW8aq
N3ay5YiR2j+WH9VYghOZSYeqlZVRuPMoqRl22+dqEIvyHePvK348DmZWE6m9EssL
ioebETtja/WhxR98bjekolwLRNtcBZp/2gOrqrcxJsKDRAauHgtp/VqzzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEjKyMwLCfxtNpZvwKT8l3mqhJocMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU01ySXpBc0pfRzAybG1fQXBQeVhlYXFFbWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEdb6pi/+7mf935/7Amg
rU/s1OO8BP0NKtFG/KJXnmoPYMjNA7XKAEh4VANqjcyWNVAe7rh8/KzFfESbWtDD
Ynf5Y4n+lTEfl2aUqkEz5eparTETLNr9NTeUsFOFVnGk0y9R5ViwO45D+3eeB4DK
fum6tsxBrjZhx59ZzC9ALqzSVqcIjAEAc8GRygaDNTtWLCTVRKNrDQ5rmi1hb+Un
g1BvkqTJp6yEg0Zq1IuGF8gJ6xSK0TpGh3tP4475AvXgNDsLuHwYH1+HBbsF+YDH
MvGRWRZ6rDALwwFvgO8vdP3lkvZEWQclBHmYbFgHzFbT1tvTb3HD4weEXTLB0SAE
TEI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:43 2025 by rpki-client